On Wed, 2008-01-23 at 16:48 -0600, Stephen Torri wrote: > GCC Community, > > I am a PhD candidate at Auburn University in Alabama investigating > automated compiler detection for reverse engineering. The reason I am > contacting this mailing list is to see if anyone knows of research done > to discover the compiler used to create a binary executable. > > Sincerely, > > Stephen Torri > PhD Candidate > Auburn University > Department of Computer Science and Software Engineering > [EMAIL PROTECTED] > >
If GCC is any guide, this will often be trivial. GCC embeds lots of data about the source system and compiler in the executable. > file temp.x temp.x: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.0, dynamically linked (uses shared libs), not stripped Also in the same file GCC: (GNU) 4.1.2 (Ubuntu 4.1.2-0ubuntu4) If this is a reverse engineering project, your adversary will probably have stripped as much of this kind of thing as possible though. Tim Josling
